tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
crypto: Kconfig - simplify cipher entries
Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
"hardware acceleration", or "optimized"
Simplify help text descriptions, update references, and ensure that
https references are still valid.
Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
authored by
Robert Elliott
and committed by
Herbert Xu
cf514b2a
9bc51715
+410
-344
+31
-9
arch/arm/crypto/Kconfig
+31
-9
arch/arm/crypto/Kconfig
···
144
144
- NEON (Advanced SIMD) extensions
145
145
146
146
config CRYPTO_AES_ARM
147
-
tristate "Scalar AES cipher for ARM"
147
+
tristate "Ciphers: AES"
148
148
select CRYPTO_ALGAPI
149
149
select CRYPTO_AES
150
150
help
151
-
Use optimized AES assembler routines for ARM platforms.
151
+
Block ciphers: AES cipher algorithms (FIPS-197)
152
+
153
+
Architecture: arm
152
154
153
155
On ARM processors without the Crypto Extensions, this is the
154
156
fastest AES implementation for single blocks. For multiple
···
162
160
such attacks very difficult.
163
161
164
162
config CRYPTO_AES_ARM_BS
165
-
tristate "Bit sliced AES using NEON instructions"
163
+
tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (bit-sliced NEON)"
166
164
depends on KERNEL_MODE_NEON
167
165
select CRYPTO_SKCIPHER
168
166
select CRYPTO_LIB_AES
···
170
168
select CRYPTO_CBC
171
169
select CRYPTO_SIMD
172
170
help
173
-
Use a faster and more secure NEON based implementation of AES in CBC,
174
-
CTR and XTS modes
171
+
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
172
+
with block cipher modes:
173
+
- ECB (Electronic Codebook) mode (NIST SP800-38A)
174
+
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
175
+
- CTR (Counter) mode (NIST SP800-38A)
176
+
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
177
+
and IEEE 1619)
175
178
176
179
Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
177
180
and for XTS mode encryption, CBC and XTS mode decryption speedup is
···
185
178
believed to be invulnerable to cache timing attacks.
186
179
187
180
config CRYPTO_AES_ARM_CE
188
-
tristate "Accelerated AES using ARMv8 Crypto Extensions"
181
+
tristate "Ciphers: AES, modes: ECB/CBC/CTS/CTR/XTS (ARMv8 Crypto Extensions)"
189
182
depends on KERNEL_MODE_NEON
190
183
select CRYPTO_SKCIPHER
191
184
select CRYPTO_LIB_AES
192
185
select CRYPTO_SIMD
193
186
help
194
-
Use an implementation of AES in CBC, CTR and XTS modes that uses
195
-
ARMv8 Crypto Extensions
187
+
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
188
+
with block cipher modes:
189
+
- ECB (Electronic Codebook) mode (NIST SP800-38A)
190
+
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
191
+
- CTR (Counter) mode (NIST SP800-38A)
192
+
- CTS (Cipher Text Stealing) mode (NIST SP800-38A)
193
+
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
194
+
and IEEE 1619)
195
+
196
+
Architecture: arm using:
197
+
- ARMv8 Crypto Extensions
196
198
197
199
config CRYPTO_CHACHA20_NEON
198
-
tristate "NEON and scalar accelerated ChaCha stream cipher algorithms"
200
+
tristate "Ciphers: ChaCha20, XChaCha20, XChaCha12 (NEON)"
199
201
select CRYPTO_SKCIPHER
200
202
select CRYPTO_ARCH_HAVE_LIB_CHACHA
203
+
help
204
+
Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12
205
+
stream cipher algorithms
206
+
207
+
Architecture: arm using:
208
+
- NEON (Advanced SIMD) extensions
201
209
202
210
config CRYPTO_CRC32_ARM_CE
203
211
tristate "CRC32C and CRC32"
+99
-10
arch/arm64/crypto/Kconfig
+99
-10
arch/arm64/crypto/Kconfig
···
118
118
- ARMv8 Crypto Extensions
119
119
120
120
config CRYPTO_AES_ARM64
121
-
tristate "AES core cipher using scalar instructions"
121
+
tristate "Ciphers: AES, modes: ECB, CBC, CTR, CTS, XCTR, XTS"
122
122
select CRYPTO_AES
123
+
help
124
+
Block ciphers: AES cipher algorithms (FIPS-197)
125
+
Length-preserving ciphers: AES with ECB, CBC, CTR, CTS,
126
+
XCTR, and XTS modes
127
+
AEAD cipher: AES with CBC, ESSIV, and SHA-256
128
+
for fscrypt and dm-crypt
129
+
130
+
Architecture: arm64
123
131
124
132
config CRYPTO_AES_ARM64_CE
125
-
tristate "AES core cipher using ARMv8 Crypto Extensions"
133
+
tristate "Ciphers: AES (ARMv8 Crypto Extensions)"
126
134
depends on ARM64 && KERNEL_MODE_NEON
127
135
select CRYPTO_ALGAPI
128
136
select CRYPTO_LIB_AES
137
+
help
138
+
Block ciphers: AES cipher algorithms (FIPS-197)
139
+
140
+
Architecture: arm64 using:
141
+
- ARMv8 Crypto Extensions
129
142
130
143
config CRYPTO_AES_ARM64_CE_BLK
131
-
tristate "AES in ECB/CBC/CTR/XTS/XCTR modes using ARMv8 Crypto Extensions"
144
+
tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (ARMv8 Crypto Extensions)"
132
145
depends on KERNEL_MODE_NEON
133
146
select CRYPTO_SKCIPHER
134
147
select CRYPTO_AES_ARM64_CE
148
+
help
149
+
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
150
+
with block cipher modes:
151
+
- ECB (Electronic Codebook) mode (NIST SP800-38A)
152
+
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
153
+
- CTR (Counter) mode (NIST SP800-38A)
154
+
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
155
+
and IEEE 1619)
156
+
157
+
Architecture: arm64 using:
158
+
- ARMv8 Crypto Extensions
135
159
136
160
config CRYPTO_AES_ARM64_NEON_BLK
137
-
tristate "AES in ECB/CBC/CTR/XTS/XCTR modes using NEON instructions"
161
+
tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (NEON)"
138
162
depends on KERNEL_MODE_NEON
139
163
select CRYPTO_SKCIPHER
140
164
select CRYPTO_LIB_AES
165
+
help
166
+
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
167
+
with block cipher modes:
168
+
- ECB (Electronic Codebook) mode (NIST SP800-38A)
169
+
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
170
+
- CTR (Counter) mode (NIST SP800-38A)
171
+
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
172
+
and IEEE 1619)
173
+
174
+
Architecture: arm64 using:
175
+
- NEON (Advanced SIMD) extensions
141
176
142
177
config CRYPTO_CHACHA20_NEON
143
-
tristate "ChaCha20, XChaCha20, and XChaCha12 stream ciphers using NEON instructions"
178
+
tristate "Ciphers: ChaCha (NEON)"
144
179
depends on KERNEL_MODE_NEON
145
180
select CRYPTO_SKCIPHER
146
181
select CRYPTO_LIB_CHACHA_GENERIC
147
182
select CRYPTO_ARCH_HAVE_LIB_CHACHA
183
+
help
184
+
Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12
185
+
stream cipher algorithms
186
+
187
+
Architecture: arm64 using:
188
+
- NEON (Advanced SIMD) extensions
148
189
149
190
config CRYPTO_AES_ARM64_BS
150
-
tristate "AES in ECB/CBC/CTR/XTS modes using bit-sliced NEON algorithm"
191
+
tristate "Ciphers: AES, modes: ECB/CBC/CTR/XCTR/XTS modes (bit-sliced NEON)"
151
192
depends on KERNEL_MODE_NEON
152
193
select CRYPTO_SKCIPHER
153
194
select CRYPTO_AES_ARM64_NEON_BLK
154
195
select CRYPTO_LIB_AES
196
+
help
197
+
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
198
+
with block cipher modes:
199
+
- ECB (Electronic Codebook) mode (NIST SP800-38A)
200
+
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
201
+
- CTR (Counter) mode (NIST SP800-38A)
202
+
- XCTR mode for HCTR2
203
+
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
204
+
and IEEE 1619)
205
+
206
+
Architecture: arm64 using:
207
+
- bit-sliced algorithm
208
+
- NEON (Advanced SIMD) extensions
155
209
156
210
config CRYPTO_SM4_ARM64_CE
157
-
tristate "SM4 symmetric cipher (ARMv8.2 Crypto Extensions)"
211
+
tristate "Ciphers: SM4 (ARMv8.2 Crypto Extensions)"
158
212
depends on KERNEL_MODE_NEON
159
213
select CRYPTO_ALGAPI
160
214
select CRYPTO_SM4
215
+
help
216
+
Block ciphers: SM4 cipher algorithms (OSCCA GB/T 32907-2016)
217
+
218
+
Architecture: arm64 using:
219
+
- ARMv8.2 Crypto Extensions
220
+
- NEON (Advanced SIMD) extensions
161
221
162
222
config CRYPTO_SM4_ARM64_CE_BLK
163
-
tristate "SM4 in ECB/CBC/CFB/CTR modes using ARMv8 Crypto Extensions"
223
+
tristate "Ciphers: SM4, modes: ECB/CBC/CFB/CTR (ARMv8 Crypto Extensions)"
164
224
depends on KERNEL_MODE_NEON
165
225
select CRYPTO_SKCIPHER
166
226
select CRYPTO_SM4
227
+
help
228
+
Length-preserving ciphers: SM4 cipher algorithms (OSCCA GB/T 32907-2016)
229
+
with block cipher modes:
230
+
- ECB (Electronic Codebook) mode (NIST SP800-38A)
231
+
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
232
+
- CFB (Cipher Feedback) mode (NIST SP800-38A)
233
+
- CTR (Counter) mode (NIST SP800-38A)
234
+
235
+
Architecture: arm64 using:
236
+
- ARMv8 Crypto Extensions
237
+
- NEON (Advanced SIMD) extensions
167
238
168
239
config CRYPTO_SM4_ARM64_NEON_BLK
169
-
tristate "SM4 in ECB/CBC/CFB/CTR modes using NEON instructions"
240
+
tristate "Ciphers: SM4, modes: ECB/CBC/CFB/CTR (NEON)"
170
241
depends on KERNEL_MODE_NEON
171
242
select CRYPTO_SKCIPHER
172
243
select CRYPTO_SM4
244
+
help
245
+
Length-preserving ciphers: SM4 cipher algorithms (OSCCA GB/T 32907-2016)
246
+
with block cipher modes:
247
+
- ECB (Electronic Codebook) mode (NIST SP800-38A)
248
+
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
249
+
- CFB (Cipher Feedback) mode (NIST SP800-38A)
250
+
- CTR (Counter) mode (NIST SP800-38A)
251
+
252
+
Architecture: arm64 using:
253
+
- NEON (Advanced SIMD) extensions
173
254
174
255
config CRYPTO_AES_ARM64_CE_CCM
175
-
tristate "AES in CCM mode using ARMv8 Crypto Extensions"
256
+
tristate "AEAD cipher: AES in CCM mode (ARMv8 Crypto Extensions)"
176
257
depends on ARM64 && KERNEL_MODE_NEON
177
258
select CRYPTO_ALGAPI
178
259
select CRYPTO_AES_ARM64_CE
179
260
select CRYPTO_AEAD
180
261
select CRYPTO_LIB_AES
262
+
help
263
+
AEAD cipher: AES cipher algorithms (FIPS-197) with
264
+
CCM (Counter with Cipher Block Chaining-Message Authentication Code)
265
+
authenticated encryption mode (NIST SP800-38C)
266
+
267
+
Architecture: arm64 using:
268
+
- ARMv8 Crypto Extensions
269
+
- NEON (Advanced SIMD) extensions
181
270
182
271
config CRYPTO_CRCT10DIF_ARM64_CE
183
272
tristate "CRCT10DIF (PMULL)"
+6
-1
arch/mips/crypto/Kconfig
+6
-1
arch/mips/crypto/Kconfig
···
61
61
Architecture: mips OCTEON using crypto instructions, when available
62
62
63
63
config CRYPTO_CHACHA_MIPS
64
-
tristate "ChaCha stream cipher algorithms (MIPS 32r2 optimized)"
64
+
tristate "Ciphers: ChaCha20, XChaCha20, XChaCha12 (MIPS32r2)"
65
65
depends on CPU_MIPS32_R2
66
66
select CRYPTO_SKCIPHER
67
67
select CRYPTO_ARCH_HAVE_LIB_CHACHA
68
+
help
69
+
Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12
70
+
stream cipher algorithms
71
+
72
+
Architecture: MIPS32r2
68
73
69
74
endmenu
+11
-3
arch/powerpc/crypto/Kconfig
+11
-3
arch/powerpc/crypto/Kconfig
···
73
73
- SPE (Signal Processing Engine) extensions
74
74
75
75
config CRYPTO_AES_PPC_SPE
76
-
tristate "AES cipher algorithms (PPC SPE)"
76
+
tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (SPE)"
77
77
depends on PPC && SPE
78
78
select CRYPTO_SKCIPHER
79
79
help
80
-
AES cipher algorithms (FIPS-197). Additionally the acceleration
81
-
for popular block cipher modes ECB, CBC, CTR and XTS is supported.
80
+
Block ciphers: AES cipher algorithms (FIPS-197)
81
+
Length-preserving ciphers: AES with ECB, CBC, CTR, and XTS modes
82
+
83
+
Architecture: powerpc using:
84
+
- SPE (Signal Processing Engine) extensions
85
+
86
+
SPE is available for:
87
+
- Processor Type: Freescale 8500
88
+
- CPU selection: e500 (8540)
89
+
82
90
This module should only be used for low power (router) devices
83
91
without hardware AES acceleration (e.g. caam crypto). It reduces the
84
92
size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
+19
-9
arch/s390/crypto/Kconfig
+19
-9
arch/s390/crypto/Kconfig
···
81
81
It is available as of z196.
82
82
83
83
config CRYPTO_AES_S390
84
-
tristate "AES cipher algorithms"
84
+
tristate "Ciphers: AES, modes: ECB, CBC, CTR, XTS, GCM"
85
85
depends on S390
86
86
select CRYPTO_ALGAPI
87
87
select CRYPTO_SKCIPHER
88
88
help
89
-
This is the s390 hardware accelerated implementation of the
90
-
AES cipher algorithms (FIPS-197).
89
+
Block cipher: AES cipher algorithms (FIPS 197)
90
+
AEAD cipher: AES with GCM
91
+
Length-preserving ciphers: AES with ECB, CBC, XTS, and CTR modes
92
+
93
+
Architecture: s390
91
94
92
95
As of z9 the ECB and CBC modes are hardware accelerated
93
96
for 128 bit keys.
97
+
94
98
As of z10 the ECB and CBC modes are hardware accelerated
95
99
for all AES key sizes.
100
+
96
101
As of z196 the CTR mode is hardware accelerated for all AES
97
102
key sizes and XTS mode is hardware accelerated for 256 and
98
103
512 bit keys.
99
104
100
105
config CRYPTO_DES_S390
101
-
tristate "DES and Triple DES cipher algorithms"
106
+
tristate "Ciphers: DES and Triple DES EDE, modes: ECB, CBC, CTR"
102
107
depends on S390
103
108
select CRYPTO_ALGAPI
104
109
select CRYPTO_SKCIPHER
105
110
select CRYPTO_LIB_DES
106
111
help
107
-
This is the s390 hardware accelerated implementation of the
108
-
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
112
+
Block ciphers: DES (FIPS 46-2) cipher algorithm
113
+
Block ciphers: Triple DES EDE (FIPS 46-3) cipher algorithm
114
+
Length-preserving ciphers: DES with ECB, CBC, and CTR modes
115
+
Length-preserving ciphers: Triple DES EDED with ECB, CBC, and CTR modes
116
+
117
+
Architecture: s390
109
118
110
119
As of z990 the ECB and CBC mode are hardware accelerated.
111
120
As of z196 the CTR mode is hardware accelerated.
112
121
113
122
config CRYPTO_CHACHA_S390
114
-
tristate "ChaCha20 stream cipher"
123
+
tristate "Ciphers: ChaCha20"
115
124
depends on S390
116
125
select CRYPTO_SKCIPHER
117
126
select CRYPTO_LIB_CHACHA_GENERIC
118
127
select CRYPTO_ARCH_HAVE_LIB_CHACHA
119
128
help
120
-
This is the s390 SIMD implementation of the ChaCha20 stream
121
-
cipher (RFC 7539).
129
+
Length-preserving cipher: ChaCha20 stream cipher (RFC 7539)
130
+
131
+
Architecture: s390
122
132
123
133
It is available as of z13.
124
134
+15
-33
arch/sparc/crypto/Kconfig
+15
-33
arch/sparc/crypto/Kconfig
···
3
3
menu "Accelerated Cryptographic Algorithms for CPU (sparc64)"
4
4
5
5
config CRYPTO_DES_SPARC64
6
-
tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
6
+
tristate "Ciphers: DES and Triple DES EDE, modes: ECB/CBC"
7
7
depends on SPARC64
8
8
select CRYPTO_ALGAPI
9
9
select CRYPTO_LIB_DES
10
10
select CRYPTO_SKCIPHER
11
11
help
12
-
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
13
-
optimized using SPARC64 crypto opcodes.
12
+
Block cipher: DES (FIPS 46-2) cipher algorithm
13
+
Block cipher: Triple DES EDE (FIPS 46-3) cipher algorithm
14
+
Length-preserving ciphers: DES with ECB and CBC modes
15
+
Length-preserving ciphers: Tripe DES EDE with ECB and CBC modes
16
+
17
+
Architecture: sparc64
14
18
15
19
config CRYPTO_CRC32C_SPARC64
16
20
tristate "CRC32c"
···
67
63
Architecture: sparc64 using crypto instructions, when available
68
64
69
65
config CRYPTO_AES_SPARC64
70
-
tristate "AES cipher algorithms (SPARC64)"
66
+
tristate "Ciphers: AES, modes: ECB, CBC, CTR"
71
67
depends on SPARC64
72
68
select CRYPTO_SKCIPHER
73
69
help
74
-
Use SPARC64 crypto opcodes for AES algorithm.
70
+
Block ciphers: AES cipher algorithms (FIPS-197)
71
+
Length-preseving ciphers: AES with ECB, CBC, and CTR modes
75
72
76
-
AES cipher algorithms (FIPS-197). AES uses the Rijndael
77
-
algorithm.
78
-
79
-
Rijndael appears to be consistently a very good performer in
80
-
both hardware and software across a wide range of computing
81
-
environments regardless of its use in feedback or non-feedback
82
-
modes. Its key setup time is excellent, and its key agility is
83
-
good. Rijndael's very low memory requirements make it very well
84
-
suited for restricted-space environments, in which it also
85
-
demonstrates excellent performance. Rijndael's operations are
86
-
among the easiest to defend against power and timing attacks.
87
-
88
-
The AES specifies three key sizes: 128, 192 and 256 bits
89
-
90
-
See <http://csrc.nist.gov/encryption/aes/> for more information.
91
-
92
-
In addition to AES cipher algorithm support, the acceleration
93
-
for some popular block cipher mode is supported too, including
94
-
ECB and CBC.
73
+
Architecture: sparc64 using crypto instructions
95
74
96
75
config CRYPTO_CAMELLIA_SPARC64
97
-
tristate "Camellia cipher algorithm (SPARC64)"
76
+
tristate "Ciphers: Camellia, modes: ECB, CBC"
98
77
depends on SPARC64
99
78
select CRYPTO_ALGAPI
100
79
select CRYPTO_SKCIPHER
101
80
help
102
-
Camellia cipher algorithm module (SPARC64).
81
+
Block ciphers: Camellia cipher algorithms
82
+
Length-preserving ciphers: Camellia with ECB and CBC modes
103
83
104
-
Camellia is a symmetric key block cipher developed jointly
105
-
at NTT and Mitsubishi Electric Corporation.
106
-
107
-
The Camellia specifies three key sizes: 128, 192 and 256 bits.
108
-
109
-
See also:
110
-
<https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
84
+
Architecture: sparc64
111
85
112
86
endmenu
+108
-166
arch/x86/crypto/Kconfig
+108
-166
arch/x86/crypto/Kconfig
···
14
14
- ADX (large integer arithmetic)
15
15
16
16
config CRYPTO_AES_NI_INTEL
17
-
tristate "AES cipher algorithms (AES-NI)"
17
+
tristate "Ciphers: AES, modes: ECB, CBC, CTS, CTR, XTR, XTS, GCM (AES-NI)"
18
18
depends on X86
19
19
select CRYPTO_AEAD
20
20
select CRYPTO_LIB_AES
···
22
22
select CRYPTO_SKCIPHER
23
23
select CRYPTO_SIMD
24
24
help
25
-
Use Intel AES-NI instructions for AES algorithm.
25
+
Block cipher: AES cipher algorithms
26
+
AEAD cipher: AES with GCM
27
+
Length-preserving ciphers: AES with ECB, CBC, CTS, CTR, XTR, XTS
26
28
27
-
AES cipher algorithms (FIPS-197). AES uses the Rijndael
28
-
algorithm.
29
-
30
-
Rijndael appears to be consistently a very good performer in
31
-
both hardware and software across a wide range of computing
32
-
environments regardless of its use in feedback or non-feedback
33
-
modes. Its key setup time is excellent, and its key agility is
34
-
good. Rijndael's very low memory requirements make it very well
35
-
suited for restricted-space environments, in which it also
36
-
demonstrates excellent performance. Rijndael's operations are
37
-
among the easiest to defend against power and timing attacks.
38
-
39
-
The AES specifies three key sizes: 128, 192 and 256 bits
40
-
41
-
See <http://csrc.nist.gov/encryption/aes/> for more information.
42
-
43
-
In addition to AES cipher algorithm support, the acceleration
44
-
for some popular block cipher mode is supported too, including
45
-
ECB, CBC, LRW, XTS. The 64 bit version has additional
46
-
acceleration for CTR and XCTR.
29
+
Architecture: x86 (32-bit and 64-bit) using:
30
+
- AES-NI (AES new instructions)
47
31
48
32
config CRYPTO_BLOWFISH_X86_64
49
-
tristate "Blowfish cipher algorithm (x86_64)"
33
+
tristate "Ciphers: Blowfish, modes: ECB, CBC"
50
34
depends on X86 && 64BIT
51
35
select CRYPTO_SKCIPHER
52
36
select CRYPTO_BLOWFISH_COMMON
53
37
imply CRYPTO_CTR
54
38
help
55
-
Blowfish cipher algorithm (x86_64), by Bruce Schneier.
39
+
Block cipher: Blowfish cipher algorithm
40
+
Length-preserving ciphers: Blowfish with ECB and CBC modes
56
41
57
-
This is a variable key length cipher which can use keys from 32
58
-
bits to 448 bits in length. It's fast, simple and specifically
59
-
designed for use on "large microprocessors".
60
-
61
-
See also:
62
-
<https://www.schneier.com/blowfish.html>
42
+
Architecture: x86_64
63
43
64
44
config CRYPTO_CAMELLIA_X86_64
65
-
tristate "Camellia cipher algorithm (x86_64)"
45
+
tristate "Ciphers: Camellia with modes: ECB, CBC"
66
46
depends on X86 && 64BIT
67
47
select CRYPTO_SKCIPHER
68
48
imply CRYPTO_CTR
69
49
help
70
-
Camellia cipher algorithm module (x86_64).
50
+
Block cipher: Camellia cipher algorithms
51
+
Length-preserving ciphers: Camellia with ECB and CBC modes
71
52
72
-
Camellia is a symmetric key block cipher developed jointly
73
-
at NTT and Mitsubishi Electric Corporation.
74
-
75
-
The Camellia specifies three key sizes: 128, 192 and 256 bits.
76
-
77
-
See also:
78
-
<https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
53
+
Architecture: x86_64
79
54
80
55
config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
81
-
tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
56
+
tristate "Ciphers: Camellia with modes: ECB, CBC (AES-NI/AVX)"
82
57
depends on X86 && 64BIT
83
58
select CRYPTO_SKCIPHER
84
59
select CRYPTO_CAMELLIA_X86_64
85
60
select CRYPTO_SIMD
86
61
imply CRYPTO_XTS
87
62
help
88
-
Camellia cipher algorithm module (x86_64/AES-NI/AVX).
63
+
Length-preserving ciphers: Camellia with ECB and CBC modes
89
64
90
-
Camellia is a symmetric key block cipher developed jointly
91
-
at NTT and Mitsubishi Electric Corporation.
92
-
93
-
The Camellia specifies three key sizes: 128, 192 and 256 bits.
94
-
95
-
See also:
96
-
<https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
65
+
Architecture: x86_64 using:
66
+
- AES-NI (AES New Instructions)
67
+
- AVX (Advanced Vector Extensions)
97
68
98
69
config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
99
-
tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
70
+
tristate "Ciphers: Camellia with modes: ECB, CBC (AES-NI/AVX2)"
100
71
depends on X86 && 64BIT
101
72
select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
102
73
help
103
-
Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
74
+
Length-preserving ciphers: Camellia with ECB and CBC modes
104
75
105
-
Camellia is a symmetric key block cipher developed jointly
106
-
at NTT and Mitsubishi Electric Corporation.
107
-
108
-
The Camellia specifies three key sizes: 128, 192 and 256 bits.
109
-
110
-
See also:
111
-
<https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
76
+
Architecture: x86_64 using:
77
+
- AES-NI (AES New Instructions)
78
+
- AVX2 (Advanced Vector Extensions 2)
112
79
113
80
config CRYPTO_CAST5_AVX_X86_64
114
-
tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
81
+
tristate "Ciphers: CAST5 with modes: ECB, CBC (AVX)"
115
82
depends on X86 && 64BIT
116
83
select CRYPTO_SKCIPHER
117
84
select CRYPTO_CAST5
···
86
119
select CRYPTO_SIMD
87
120
imply CRYPTO_CTR
88
121
help
89
-
The CAST5 encryption algorithm (synonymous with CAST-128) is
90
-
described in RFC2144.
122
+
Length-preserving ciphers: CAST5 (CAST-128) cipher algorithm
123
+
(RFC2144) with ECB and CBC modes
91
124
92
-
This module provides the Cast5 cipher algorithm that processes
93
-
sixteen blocks parallel using the AVX instruction set.
125
+
Architecture: x86_64 using:
126
+
- AVX (Advanced Vector Extensions)
127
+
128
+
Processes 16 blocks in parallel.
94
129
95
130
config CRYPTO_CAST6_AVX_X86_64
96
-
tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
131
+
tristate "Ciphers: CAST6 with modes: ECB, CBC (AVX)"
97
132
depends on X86 && 64BIT
98
133
select CRYPTO_SKCIPHER
99
134
select CRYPTO_CAST6
···
104
135
imply CRYPTO_XTS
105
136
imply CRYPTO_CTR
106
137
help
107
-
The CAST6 encryption algorithm (synonymous with CAST-256) is
108
-
described in RFC2612.
138
+
Length-preserving ciphers: CAST6 (CAST-256) cipher algorithm
139
+
(RFC2612) with ECB and CBC modes
109
140
110
-
This module provides the Cast6 cipher algorithm that processes
111
-
eight blocks parallel using the AVX instruction set.
141
+
Architecture: x86_64 using:
142
+
- AVX (Advanced Vector Extensions)
143
+
144
+
Processes eight blocks in parallel.
112
145
113
146
config CRYPTO_DES3_EDE_X86_64
114
-
tristate "Triple DES EDE cipher algorithm (x86-64)"
147
+
tristate "Ciphers: Triple DES EDE with modes: ECB, CBC"
115
148
depends on X86 && 64BIT
116
149
select CRYPTO_SKCIPHER
117
150
select CRYPTO_LIB_DES
118
151
imply CRYPTO_CTR
119
152
help
120
-
Triple DES EDE (FIPS 46-3) algorithm.
153
+
Block cipher: Triple DES EDE (FIPS 46-3) cipher algorithm
154
+
Length-preserving ciphers: Triple DES EDE with ECB and CBC modes
121
155
122
-
This module provides implementation of the Triple DES EDE cipher
123
-
algorithm that is optimized for x86-64 processors. Two versions of
124
-
algorithm are provided; regular processing one input block and
125
-
one that processes three blocks parallel.
156
+
Architecture: x86_64
157
+
158
+
Processes one or three blocks in parallel.
126
159
127
160
config CRYPTO_SERPENT_SSE2_X86_64
128
-
tristate "Serpent cipher algorithm (x86_64/SSE2)"
161
+
tristate "Ciphers: Serpent with modes: ECB, CBC (SSE2)"
129
162
depends on X86 && 64BIT
130
163
select CRYPTO_SKCIPHER
131
164
select CRYPTO_SERPENT
132
165
select CRYPTO_SIMD
133
166
imply CRYPTO_CTR
134
167
help
135
-
Serpent cipher algorithm, by Anderson, Biham & Knudsen.
168
+
Length-preserving ciphers: Serpent cipher algorithm
169
+
with ECB and CBC modes
136
170
137
-
Keys are allowed to be from 0 to 256 bits in length, in steps
138
-
of 8 bits.
171
+
Architecture: x86_64 using:
172
+
- SSE2 (Streaming SIMD Extensions 2)
139
173
140
-
This module provides Serpent cipher algorithm that processes eight
141
-
blocks parallel using SSE2 instruction set.
142
-
143
-
See also:
144
-
<https://www.cl.cam.ac.uk/~rja14/serpent.html>
174
+
Processes eight blocks in parallel.
145
175
146
176
config CRYPTO_SERPENT_SSE2_586
147
-
tristate "Serpent cipher algorithm (i586/SSE2)"
177
+
tristate "Ciphers: Serpent with modes: ECB, CBC (32-bit with SSE2)"
148
178
depends on X86 && !64BIT
149
179
select CRYPTO_SKCIPHER
150
180
select CRYPTO_SERPENT
151
181
select CRYPTO_SIMD
152
182
imply CRYPTO_CTR
153
183
help
154
-
Serpent cipher algorithm, by Anderson, Biham & Knudsen.
184
+
Length-preserving ciphers: Serpent cipher algorithm
185
+
with ECB and CBC modes
155
186
156
-
Keys are allowed to be from 0 to 256 bits in length, in steps
157
-
of 8 bits.
187
+
Architecture: x86 (32-bit) using:
188
+
- SSE2 (Streaming SIMD Extensions 2)
158
189
159
-
This module provides Serpent cipher algorithm that processes four
160
-
blocks parallel using SSE2 instruction set.
161
-
162
-
See also:
163
-
<https://www.cl.cam.ac.uk/~rja14/serpent.html>
190
+
Processes four blocks in parallel.
164
191
165
192
config CRYPTO_SERPENT_AVX_X86_64
166
-
tristate "Serpent cipher algorithm (x86_64/AVX)"
193
+
tristate "Ciphers: Serpent with modes: ECB, CBC (AVX)"
167
194
depends on X86 && 64BIT
168
195
select CRYPTO_SKCIPHER
169
196
select CRYPTO_SERPENT
···
167
202
imply CRYPTO_XTS
168
203
imply CRYPTO_CTR
169
204
help
170
-
Serpent cipher algorithm, by Anderson, Biham & Knudsen.
205
+
Length-preserving ciphers: Serpent cipher algorithm
206
+
with ECB and CBC modes
171
207
172
-
Keys are allowed to be from 0 to 256 bits in length, in steps
173
-
of 8 bits.
208
+
Architecture: x86_64 using:
209
+
- AVX (Advanced Vector Extensions)
174
210
175
-
This module provides the Serpent cipher algorithm that processes
176
-
eight blocks parallel using the AVX instruction set.
177
-
178
-
See also:
179
-
<https://www.cl.cam.ac.uk/~rja14/serpent.html>
211
+
Processes eight blocks in parallel.
180
212
181
213
config CRYPTO_SERPENT_AVX2_X86_64
182
-
tristate "Serpent cipher algorithm (x86_64/AVX2)"
214
+
tristate "Ciphers: Serpent with modes: ECB, CBC (AVX2)"
183
215
depends on X86 && 64BIT
184
216
select CRYPTO_SERPENT_AVX_X86_64
185
217
help
186
-
Serpent cipher algorithm, by Anderson, Biham & Knudsen.
218
+
Length-preserving ciphers: Serpent cipher algorithm
219
+
with ECB and CBC modes
187
220
188
-
Keys are allowed to be from 0 to 256 bits in length, in steps
189
-
of 8 bits.
221
+
Architecture: x86_64 using:
222
+
- AVX2 (Advanced Vector Extensions 2)
190
223
191
-
This module provides Serpent cipher algorithm that processes 16
192
-
blocks parallel using AVX2 instruction set.
193
-
194
-
See also:
195
-
<https://www.cl.cam.ac.uk/~rja14/serpent.html>
224
+
Processes 16 blocks in parallel.
196
225
197
226
config CRYPTO_SM4_AESNI_AVX_X86_64
198
-
tristate "SM4 cipher algorithm (x86_64/AES-NI/AVX)"
227
+
tristate "Ciphers: SM4 with modes: ECB, CBC, CFB, CTR (AES-NI/AVX)"
199
228
depends on X86 && 64BIT
200
229
select CRYPTO_SKCIPHER
201
230
select CRYPTO_SIMD
202
231
select CRYPTO_ALGAPI
203
232
select CRYPTO_SM4
204
233
help
205
-
SM4 cipher algorithms (OSCCA GB/T 32907-2016) (x86_64/AES-NI/AVX).
234
+
Length-preserving ciphers: SM4 cipher algorithms
235
+
(OSCCA GB/T 32907-2016) with ECB, CBC, CFB, and CTR modes
206
236
207
-
SM4 (GBT.32907-2016) is a cryptographic standard issued by the
208
-
Organization of State Commercial Administration of China (OSCCA)
209
-
as an authorized cryptographic algorithms for the use within China.
237
+
Architecture: x86_64 using:
238
+
- AES-NI (AES New Instructions)
239
+
- AVX (Advanced Vector Extensions)
210
240
211
-
This is SM4 optimized implementation using AES-NI/AVX/x86_64
212
-
instruction set for block cipher. Through two affine transforms,
241
+
Through two affine transforms,
213
242
we can use the AES S-Box to simulate the SM4 S-Box to achieve the
214
243
effect of instruction acceleration.
215
244
216
245
If unsure, say N.
217
246
218
247
config CRYPTO_SM4_AESNI_AVX2_X86_64
219
-
tristate "SM4 cipher algorithm (x86_64/AES-NI/AVX2)"
248
+
tristate "Ciphers: SM4 with modes: ECB, CBC, CFB, CTR (AES-NI/AVX2)"
220
249
depends on X86 && 64BIT
221
250
select CRYPTO_SKCIPHER
222
251
select CRYPTO_SIMD
···
218
259
select CRYPTO_SM4
219
260
select CRYPTO_SM4_AESNI_AVX_X86_64
220
261
help
221
-
SM4 cipher algorithms (OSCCA GB/T 32907-2016) (x86_64/AES-NI/AVX2).
262
+
Length-preserving ciphers: SM4 cipher algorithms
263
+
(OSCCA GB/T 32907-2016) with ECB, CBC, CFB, and CTR modes
222
264
223
-
SM4 (GBT.32907-2016) is a cryptographic standard issued by the
224
-
Organization of State Commercial Administration of China (OSCCA)
225
-
as an authorized cryptographic algorithms for the use within China.
265
+
Architecture: x86_64 using:
266
+
- AES-NI (AES New Instructions)
267
+
- AVX2 (Advanced Vector Extensions 2)
226
268
227
-
This is SM4 optimized implementation using AES-NI/AVX2/x86_64
228
-
instruction set for block cipher. Through two affine transforms,
269
+
Through two affine transforms,
229
270
we can use the AES S-Box to simulate the SM4 S-Box to achieve the
230
271
effect of instruction acceleration.
231
272
232
273
If unsure, say N.
233
274
234
275
config CRYPTO_TWOFISH_586
235
-
tristate "Twofish cipher algorithms (i586)"
276
+
tristate "Ciphers: Twofish (32-bit)"
236
277
depends on (X86 || UML_X86) && !64BIT
237
278
select CRYPTO_ALGAPI
238
279
select CRYPTO_TWOFISH_COMMON
239
280
imply CRYPTO_CTR
240
281
help
241
-
Twofish cipher algorithm.
282
+
Block cipher: Twofish cipher algorithm
242
283
243
-
Twofish was submitted as an AES (Advanced Encryption Standard)
244
-
candidate cipher by researchers at CounterPane Systems. It is a
245
-
16 round block cipher supporting key sizes of 128, 192, and 256
246
-
bits.
247
-
248
-
See also:
249
-
<https://www.schneier.com/twofish.html>
284
+
Architecture: x86 (32-bit)
250
285
251
286
config CRYPTO_TWOFISH_X86_64
252
-
tristate "Twofish cipher algorithm (x86_64)"
287
+
tristate "Ciphers: Twofish"
253
288
depends on (X86 || UML_X86) && 64BIT
254
289
select CRYPTO_ALGAPI
255
290
select CRYPTO_TWOFISH_COMMON
256
291
imply CRYPTO_CTR
257
292
help
258
-
Twofish cipher algorithm (x86_64).
293
+
Block cipher: Twofish cipher algorithm
259
294
260
-
Twofish was submitted as an AES (Advanced Encryption Standard)
261
-
candidate cipher by researchers at CounterPane Systems. It is a
262
-
16 round block cipher supporting key sizes of 128, 192, and 256
263
-
bits.
264
-
265
-
See also:
266
-
<https://www.schneier.com/twofish.html>
295
+
Architecture: x86_64
267
296
268
297
config CRYPTO_TWOFISH_X86_64_3WAY
269
-
tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
298
+
tristate "Ciphers: Twofish with modes: ECB, CBC (3-way parallel)"
270
299
depends on X86 && 64BIT
271
300
select CRYPTO_SKCIPHER
272
301
select CRYPTO_TWOFISH_COMMON
273
302
select CRYPTO_TWOFISH_X86_64
274
303
help
275
-
Twofish cipher algorithm (x86_64, 3-way parallel).
304
+
Length-preserving cipher: Twofish cipher algorithm
305
+
with ECB and CBC modes
276
306
277
-
Twofish was submitted as an AES (Advanced Encryption Standard)
278
-
candidate cipher by researchers at CounterPane Systems. It is a
279
-
16 round block cipher supporting key sizes of 128, 192, and 256
280
-
bits.
307
+
Architecture: x86_64
281
308
282
-
This module provides Twofish cipher algorithm that processes three
283
-
blocks parallel, utilizing resources of out-of-order CPUs better.
284
-
285
-
See also:
286
-
<https://www.schneier.com/twofish.html>
309
+
Processes three blocks in parallel, better utilizing resources of
310
+
out-of-order CPUs.
287
311
288
312
config CRYPTO_TWOFISH_AVX_X86_64
289
-
tristate "Twofish cipher algorithm (x86_64/AVX)"
313
+
tristate "Ciphers: Twofish with modes: ECB, CBC (AVX)"
290
314
depends on X86 && 64BIT
291
315
select CRYPTO_SKCIPHER
292
316
select CRYPTO_SIMD
···
278
336
select CRYPTO_TWOFISH_X86_64_3WAY
279
337
imply CRYPTO_XTS
280
338
help
281
-
Twofish cipher algorithm (x86_64/AVX).
339
+
Length-preserving cipher: Twofish cipher algorithm
340
+
with ECB and CBC modes
282
341
283
-
Twofish was submitted as an AES (Advanced Encryption Standard)
284
-
candidate cipher by researchers at CounterPane Systems. It is a
285
-
16 round block cipher supporting key sizes of 128, 192, and 256
286
-
bits.
342
+
Architecture: x86_64 using:
343
+
- AVX (Advanced Vector Extensions)
287
344
288
-
This module provides the Twofish cipher algorithm that processes
289
-
eight blocks parallel using the AVX Instruction Set.
290
-
291
-
See also:
292
-
<https://www.schneier.com/twofish.html>
345
+
Processes eight blocks in parallel.
293
346
294
347
config CRYPTO_CHACHA20_X86_64
295
-
tristate "ChaCha stream cipher algorithms (x86_64/SSSE3/AVX2/AVX-512VL)"
348
+
tristate "Ciphers: ChaCha20, XChaCha20, XChaCha12 (SSSE3/AVX2/AVX-512VL)"
296
349
depends on X86 && 64BIT
297
350
select CRYPTO_SKCIPHER
298
351
select CRYPTO_LIB_CHACHA_GENERIC
299
352
select CRYPTO_ARCH_HAVE_LIB_CHACHA
300
353
help
301
-
SSSE3, AVX2, and AVX-512VL optimized implementations of the ChaCha20,
302
-
XChaCha20, and XChaCha12 stream ciphers.
354
+
Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12
355
+
stream cipher algorithms
356
+
357
+
Architecture: x86_64 using:
358
+
- SSSE3 (Supplemental SSE3)
359
+
- AVX2 (Advanced Vector Extensions 2)
360
+
- AVX-512VL (Advanced Vector Extensions-512VL)
303
361
304
362
config CRYPTO_AEGIS128_AESNI_SSE2
305
363
tristate "AEAD ciphers: AEGIS-128 (AES-NI/SSE2)"
+121
-113
crypto/Kconfig
+121
-113
crypto/Kconfig
···
219
219
select CRYPTO_NULL
220
220
help
221
221
Authenc: Combined mode wrapper for IPsec.
222
-
This is required for IPSec.
222
+
223
+
This is required for IPSec ESP (XFRM_ESP).
223
224
224
225
config CRYPTO_TEST
225
226
tristate "Testing module"
···
337
336
menu "Block ciphers"
338
337
339
338
config CRYPTO_AES
340
-
tristate "AES cipher algorithms"
339
+
tristate "AES (Advanced Encryption Standard)"
341
340
select CRYPTO_ALGAPI
342
341
select CRYPTO_LIB_AES
343
342
help
344
-
AES cipher algorithms (FIPS-197). AES uses the Rijndael
345
-
algorithm.
343
+
AES cipher algorithms (Rijndael)(FIPS-197, ISO/IEC 18033-3)
346
344
347
345
Rijndael appears to be consistently a very good performer in
348
346
both hardware and software across a wide range of computing
···
354
354
355
355
The AES specifies three key sizes: 128, 192 and 256 bits
356
356
357
-
See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
358
-
359
357
config CRYPTO_AES_TI
360
-
tristate "Fixed time AES cipher"
358
+
tristate "AES (Advanced Encryption Standard) (fixed time)"
361
359
select CRYPTO_ALGAPI
362
360
select CRYPTO_LIB_AES
363
361
help
362
+
AES cipher algorithms (Rijndael)(FIPS-197, ISO/IEC 18033-3)
363
+
364
364
This is a generic implementation of AES that attempts to eliminate
365
365
data dependent latencies as much as possible without affecting
366
366
performance too much. It is intended for use by the generic CCM
···
376
376
are evicted when the CPU is interrupted to do something else.
377
377
378
378
config CRYPTO_ANUBIS
379
-
tristate "Anubis cipher algorithm"
379
+
tristate "Anubis"
380
380
depends on CRYPTO_USER_API_ENABLE_OBSOLETE
381
381
select CRYPTO_ALGAPI
382
382
help
383
-
Anubis cipher algorithm.
383
+
Anubis cipher algorithm
384
384
385
385
Anubis is a variable key length cipher which can use keys from
386
386
128 bits to 320 bits in length. It was evaluated as a entrant
387
387
in the NESSIE competition.
388
388
389
-
See also:
390
-
<https://www.cosic.esat.kuleuven.be/nessie/reports/>
391
-
<http://www.larc.usp.br/~pbarreto/AnubisPage.html>
389
+
See https://web.archive.org/web/20160606112246/http://www.larc.usp.br/~pbarreto/AnubisPage.html
390
+
for further information.
392
391
393
392
config CRYPTO_ARIA
394
-
tristate "ARIA cipher algorithm"
393
+
tristate "ARIA"
395
394
select CRYPTO_ALGAPI
396
395
help
397
-
ARIA cipher algorithm (RFC5794).
396
+
ARIA cipher algorithm (RFC5794)
398
397
399
398
ARIA is a standard encryption algorithm of the Republic of Korea.
400
399
The ARIA specifies three key sizes and rounds.
···
401
402
192-bit: 14 rounds.
402
403
256-bit: 16 rounds.
403
404
404
-
See also:
405
-
<https://seed.kisa.or.kr/kisa/algorithm/EgovAriaInfo.do>
405
+
See:
406
+
https://seed.kisa.or.kr/kisa/algorithm/EgovAriaInfo.do
406
407
407
408
config CRYPTO_BLOWFISH
408
-
tristate "Blowfish cipher algorithm"
409
+
tristate "Blowfish"
409
410
select CRYPTO_ALGAPI
410
411
select CRYPTO_BLOWFISH_COMMON
411
412
help
412
-
Blowfish cipher algorithm, by Bruce Schneier.
413
+
Blowfish cipher algorithm, by Bruce Schneier
413
414
414
415
This is a variable key length cipher which can use keys from 32
415
416
bits to 448 bits in length. It's fast, simple and specifically
416
417
designed for use on "large microprocessors".
417
418
418
-
See also:
419
-
<https://www.schneier.com/blowfish.html>
419
+
See https://www.schneier.com/blowfish.html for further information.
420
420
421
421
config CRYPTO_BLOWFISH_COMMON
422
422
tristate
···
423
425
Common parts of the Blowfish cipher algorithm shared by the
424
426
generic c and the assembler implementations.
425
427
426
-
See also:
427
-
<https://www.schneier.com/blowfish.html>
428
-
429
428
config CRYPTO_CAMELLIA
430
-
tristate "Camellia cipher algorithms"
429
+
tristate "Camellia"
431
430
select CRYPTO_ALGAPI
432
431
help
433
-
Camellia cipher algorithms module.
432
+
Camellia cipher algorithms (ISO/IEC 18033-3)
434
433
435
434
Camellia is a symmetric key block cipher developed jointly
436
435
at NTT and Mitsubishi Electric Corporation.
437
436
438
437
The Camellia specifies three key sizes: 128, 192 and 256 bits.
439
438
440
-
See also:
441
-
<https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
439
+
See https://info.isl.ntt.co.jp/crypt/eng/camellia/ for further information.
442
440
443
441
config CRYPTO_CAST_COMMON
444
442
tristate
···
443
449
generic c and the assembler implementations.
444
450
445
451
config CRYPTO_CAST5
446
-
tristate "CAST5 (CAST-128) cipher algorithm"
452
+
tristate "CAST5 (CAST-128)"
447
453
select CRYPTO_ALGAPI
448
454
select CRYPTO_CAST_COMMON
449
455
help
450
-
The CAST5 encryption algorithm (synonymous with CAST-128) is
451
-
described in RFC2144.
456
+
CAST5 (CAST-128) cipher algorithm (RFC2144, ISO/IEC 18033-3)
452
457
453
458
config CRYPTO_CAST6
454
-
tristate "CAST6 (CAST-256) cipher algorithm"
459
+
tristate "CAST6 (CAST-256)"
455
460
select CRYPTO_ALGAPI
456
461
select CRYPTO_CAST_COMMON
457
462
help
458
-
The CAST6 encryption algorithm (synonymous with CAST-256) is
459
-
described in RFC2612.
463
+
CAST6 (CAST-256) encryption algorithm (RFC2612)
460
464
461
465
config CRYPTO_DES
462
-
tristate "DES and Triple DES EDE cipher algorithms"
466
+
tristate "DES and Triple DES EDE"
463
467
select CRYPTO_ALGAPI
464
468
select CRYPTO_LIB_DES
465
469
help
466
-
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
470
+
DES (Data Encryption Standard)(FIPS 46-2, ISO/IEC 18033-3) and
471
+
Triple DES EDE (Encrypt/Decrypt/Encrypt) (FIPS 46-3, ISO/IEC 18033-3)
472
+
cipher algorithms
467
473
468
474
config CRYPTO_FCRYPT
469
-
tristate "FCrypt cipher algorithm"
475
+
tristate "FCrypt"
470
476
select CRYPTO_ALGAPI
471
477
select CRYPTO_SKCIPHER
472
478
help
473
-
FCrypt algorithm used by RxRPC.
479
+
FCrypt algorithm used by RxRPC
480
+
481
+
See https://ota.polyonymo.us/fcrypt-paper.txt
474
482
475
483
config CRYPTO_KHAZAD
476
-
tristate "Khazad cipher algorithm"
484
+
tristate "Khazad"
477
485
depends on CRYPTO_USER_API_ENABLE_OBSOLETE
478
486
select CRYPTO_ALGAPI
479
487
help
480
-
Khazad cipher algorithm.
488
+
Khazad cipher algorithm
481
489
482
490
Khazad was a finalist in the initial NESSIE competition. It is
483
491
an algorithm optimized for 64-bit processors with good performance
484
492
on 32-bit processors. Khazad uses an 128 bit key size.
485
493
486
-
See also:
487
-
<http://www.larc.usp.br/~pbarreto/KhazadPage.html>
494
+
See https://web.archive.org/web/20171011071731/http://www.larc.usp.br/~pbarreto/KhazadPage.html
495
+
for further information.
488
496
489
497
config CRYPTO_SEED
490
-
tristate "SEED cipher algorithm"
498
+
tristate "SEED"
491
499
depends on CRYPTO_USER_API_ENABLE_OBSOLETE
492
500
select CRYPTO_ALGAPI
493
501
help
494
-
SEED cipher algorithm (RFC4269).
502
+
SEED cipher algorithm (RFC4269, ISO/IEC 18033-3)
495
503
496
504
SEED is a 128-bit symmetric key block cipher that has been
497
505
developed by KISA (Korea Information Security Agency) as a
498
506
national standard encryption algorithm of the Republic of Korea.
499
507
It is a 16 round block cipher with the key size of 128 bit.
500
508
501
-
See also:
502
-
<http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
509
+
See https://seed.kisa.or.kr/kisa/algorithm/EgovSeedInfo.do
510
+
for further information.
503
511
504
512
config CRYPTO_SERPENT
505
-
tristate "Serpent cipher algorithm"
513
+
tristate "Serpent"
506
514
select CRYPTO_ALGAPI
507
515
help
508
-
Serpent cipher algorithm, by Anderson, Biham & Knudsen.
516
+
Serpent cipher algorithm, by Anderson, Biham & Knudsen
509
517
510
518
Keys are allowed to be from 0 to 256 bits in length, in steps
511
519
of 8 bits.
512
520
513
-
See also:
514
-
<https://www.cl.cam.ac.uk/~rja14/serpent.html>
521
+
See https://www.cl.cam.ac.uk/~rja14/serpent.html for further information.
515
522
516
523
config CRYPTO_SM4
517
524
tristate
518
525
519
526
config CRYPTO_SM4_GENERIC
520
-
tristate "SM4 cipher algorithm"
527
+
tristate "SM4 (ShangMi 4)"
521
528
select CRYPTO_ALGAPI
522
529
select CRYPTO_SM4
523
530
help
524
-
SM4 cipher algorithms (OSCCA GB/T 32907-2016).
531
+
SM4 cipher algorithms (OSCCA GB/T 32907-2016,
532
+
ISO/IEC 18033-3:2010/Amd 1:2021)
525
533
526
534
SM4 (GBT.32907-2016) is a cryptographic standard issued by the
527
535
Organization of State Commercial Administration of China (OSCCA)
···
540
544
541
545
The input, output, and key of SMS4 are each 128 bits.
542
546
543
-
See also: <https://eprint.iacr.org/2008/329.pdf>
547
+
See https://eprint.iacr.org/2008/329.pdf for further information.
544
548
545
549
If unsure, say N.
546
550
547
551
config CRYPTO_TEA
548
-
tristate "TEA, XTEA and XETA cipher algorithms"
552
+
tristate "TEA, XTEA and XETA"
549
553
depends on CRYPTO_USER_API_ENABLE_OBSOLETE
550
554
select CRYPTO_ALGAPI
551
555
help
552
-
TEA cipher algorithm.
556
+
TEA (Tiny Encryption Algorithm) cipher algorithms
553
557
554
558
Tiny Encryption Algorithm is a simple cipher that uses
555
559
many rounds for security. It is very fast and uses
···
563
567
of the XTEA algorithm for compatibility purposes.
564
568
565
569
config CRYPTO_TWOFISH
566
-
tristate "Twofish cipher algorithm"
570
+
tristate "Twofish"
567
571
select CRYPTO_ALGAPI
568
572
select CRYPTO_TWOFISH_COMMON
569
573
help
570
-
Twofish cipher algorithm.
574
+
Twofish cipher algorithm
571
575
572
576
Twofish was submitted as an AES (Advanced Encryption Standard)
573
577
candidate cipher by researchers at CounterPane Systems. It is a
574
578
16 round block cipher supporting key sizes of 128, 192, and 256
575
579
bits.
576
580
577
-
See also:
578
-
<https://www.schneier.com/twofish.html>
581
+
See https://www.schneier.com/twofish.html for further information.
579
582
580
583
config CRYPTO_TWOFISH_COMMON
581
584
tristate
···
587
592
menu "Length-preserving ciphers and modes"
588
593
589
594
config CRYPTO_ADIANTUM
590
-
tristate "Adiantum support"
595
+
tristate "Adiantum"
591
596
select CRYPTO_CHACHA20
592
597
select CRYPTO_LIB_POLY1305_GENERIC
593
598
select CRYPTO_NHPOLY1305
594
599
select CRYPTO_MANAGER
595
600
help
596
-
Adiantum is a tweakable, length-preserving encryption mode
597
-
designed for fast and secure disk encryption, especially on
601
+
Adiantum tweakable, length-preserving encryption mode
602
+
603
+
Designed for fast and secure disk encryption, especially on
598
604
CPUs without dedicated crypto instructions. It encrypts
599
605
each sector using the XChaCha12 stream cipher, two passes of
600
606
an ε-almost-∆-universal hash function, and an invocation of
···
612
616
If unsure, say N.
613
617
614
618
config CRYPTO_ARC4
615
-
tristate "ARC4 cipher algorithm"
619
+
tristate "ARC4 (Alleged Rivest Cipher 4)"
616
620
depends on CRYPTO_USER_API_ENABLE_OBSOLETE
617
621
select CRYPTO_SKCIPHER
618
622
select CRYPTO_LIB_ARC4
619
623
help
620
-
ARC4 cipher algorithm.
624
+
ARC4 cipher algorithm
621
625
622
626
ARC4 is a stream cipher using keys ranging from 8 bits to 2048
623
627
bits in length. This algorithm is required for driver-based
···
625
629
weakness of the algorithm.
626
630
627
631
config CRYPTO_CHACHA20
628
-
tristate "ChaCha stream cipher algorithms"
632
+
tristate "ChaCha"
629
633
select CRYPTO_LIB_CHACHA_GENERIC
630
634
select CRYPTO_SKCIPHER
631
635
help
632
-
The ChaCha20, XChaCha20, and XChaCha12 stream cipher algorithms.
636
+
The ChaCha20, XChaCha20, and XChaCha12 stream cipher algorithms
633
637
634
638
ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
635
639
Bernstein and further specified in RFC7539 for use in IETF protocols.
636
-
This is the portable C implementation of ChaCha20. See also:
637
-
<https://cr.yp.to/chacha/chacha-20080128.pdf>
640
+
This is the portable C implementation of ChaCha20. See
641
+
https://cr.yp.to/chacha/chacha-20080128.pdf for further information.
638
642
639
643
XChaCha20 is the application of the XSalsa20 construction to ChaCha20
640
644
rather than to Salsa20. XChaCha20 extends ChaCha20's nonce length
641
645
from 64 bits (or 96 bits using the RFC7539 convention) to 192 bits,
642
-
while provably retaining ChaCha20's security. See also:
643
-
<https://cr.yp.to/snuffle/xsalsa-20081128.pdf>
646
+
while provably retaining ChaCha20's security. See
647
+
https://cr.yp.to/snuffle/xsalsa-20081128.pdf for further information.
644
648
645
649
XChaCha12 is XChaCha20 reduced to 12 rounds, with correspondingly
646
650
reduced security margin but increased performance. It can be needed
647
651
in some performance-sensitive scenarios.
648
652
649
653
config CRYPTO_CBC
650
-
tristate "CBC support"
654
+
tristate "CBC (Cipher Block Chaining)"
651
655
select CRYPTO_SKCIPHER
652
656
select CRYPTO_MANAGER
653
657
help
654
-
CBC: Cipher Block Chaining mode
655
-
This block cipher algorithm is required for IPSec.
658
+
CBC (Cipher Block Chaining) mode (NIST SP800-38A)
659
+
660
+
This block cipher mode is required for IPSec ESP (XFRM_ESP).
656
661
657
662
config CRYPTO_CFB
658
-
tristate "CFB support"
663
+
tristate "CFB (Cipher Feedback)"
659
664
select CRYPTO_SKCIPHER
660
665
select CRYPTO_MANAGER
661
666
help
662
-
CFB: Cipher FeedBack mode
663
-
This block cipher algorithm is required for TPM2 Cryptography.
667
+
CFB (Cipher Feedback) mode (NIST SP800-38A)
668
+
669
+
This block cipher mode is required for TPM2 Cryptography.
664
670
665
671
config CRYPTO_CTR
666
-
tristate "CTR support"
672
+
tristate "CTR (Counter)"
667
673
select CRYPTO_SKCIPHER
668
674
select CRYPTO_MANAGER
669
675
help
670
-
CTR: Counter mode
671
-
This block cipher algorithm is required for IPSec.
676
+
CTR (Counter) mode (NIST SP800-38A)
672
677
673
678
config CRYPTO_CTS
674
-
tristate "CTS support"
679
+
tristate "CTS (Cipher Text Stealing)"
675
680
select CRYPTO_SKCIPHER
676
681
select CRYPTO_MANAGER
677
682
help
678
-
CTS: Cipher Text Stealing
679
-
This is the Cipher Text Stealing mode as described by
680
-
Section 8 of rfc2040 and referenced by rfc3962
681
-
(rfc3962 includes errata information in its Appendix A) or
682
-
CBC-CS3 as defined by NIST in Sp800-38A addendum from Oct 2010.
683
+
CBC-CS3 variant of CTS (Cipher Text Stealing) (NIST
684
+
Addendum to SP800-38A (October 2010))
685
+
683
686
This mode is required for Kerberos gss mechanism support
684
687
for AES encryption.
685
688
686
-
See: https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
687
-
688
689
config CRYPTO_ECB
689
-
tristate "ECB support"
690
+
tristate "ECB (Electronic Codebook)"
690
691
select CRYPTO_SKCIPHER
691
692
select CRYPTO_MANAGER
692
693
help
693
-
ECB: Electronic CodeBook mode
694
-
This is the simplest block cipher algorithm. It simply encrypts
695
-
the input block by block.
694
+
ECB (Electronic Codebook) mode (NIST SP800-38A)
696
695
697
696
config CRYPTO_HCTR2
698
-
tristate "HCTR2 support"
697
+
tristate "HCTR2"
699
698
select CRYPTO_XCTR
700
699
select CRYPTO_POLYVAL
701
700
select CRYPTO_MANAGER
702
701
help
703
-
HCTR2 is a length-preserving encryption mode for storage encryption that
704
-
is efficient on processors with instructions to accelerate AES and
705
-
carryless multiplication, e.g. x86 processors with AES-NI and CLMUL, and
706
-
ARM processors with the ARMv8 crypto extensions.
702
+
HCTR2 length-preserving encryption mode
703
+
704
+
A mode for storage encryption that is efficient on processors with
705
+
instructions to accelerate AES and carryless multiplication, e.g.
706
+
x86 processors with AES-NI and CLMUL, and ARM processors with the
707
+
ARMv8 crypto extensions.
708
+
709
+
See https://eprint.iacr.org/2021/1441
707
710
708
711
config CRYPTO_KEYWRAP
709
-
tristate "Key wrapping support"
712
+
tristate "KW (AES Key Wrap)"
710
713
select CRYPTO_SKCIPHER
711
714
select CRYPTO_MANAGER
712
715
help
713
-
Support for key wrapping (NIST SP800-38F / RFC3394) without
714
-
padding.
716
+
KW (AES Key Wrap) authenticated encryption mode (NIST SP800-38F
717
+
and RFC3394) without padding.
715
718
716
719
config CRYPTO_LRW
717
-
tristate "LRW support"
720
+
tristate "LRW (Liskov Rivest Wagner)"
718
721
select CRYPTO_SKCIPHER
719
722
select CRYPTO_MANAGER
720
723
select CRYPTO_GF128MUL
721
724
select CRYPTO_ECB
722
725
help
723
-
LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
726
+
LRW (Liskov Rivest Wagner) mode
727
+
728
+
A tweakable, non malleable, non movable
724
729
narrow block cipher mode for dm-crypt. Use it with cipher
725
730
specification string aes-lrw-benbi, the key must be 256, 320 or 384.
726
731
The first 128, 192 or 256 bits in the key are used for AES and the
727
732
rest is used to tie each cipher block to its logical position.
728
733
734
+
See https://people.csail.mit.edu/rivest/pubs/LRW02.pdf
735
+
729
736
config CRYPTO_OFB
730
-
tristate "OFB support"
737
+
tristate "OFB (Output Feedback)"
731
738
select CRYPTO_SKCIPHER
732
739
select CRYPTO_MANAGER
733
740
help
734
-
OFB: the Output Feedback mode makes a block cipher into a synchronous
741
+
OFB (Output Feedback) mode (NIST SP800-38A)
742
+
743
+
This mode makes a block cipher into a synchronous
735
744
stream cipher. It generates keystream blocks, which are then XORed
736
745
with the plaintext blocks to get the ciphertext. Flipping a bit in the
737
746
ciphertext produces a flipped bit in the plaintext at the same
···
744
743
normally even when applied before encryption.
745
744
746
745
config CRYPTO_PCBC
747
-
tristate "PCBC support"
746
+
tristate "PCBC (Propagating Cipher Block Chaining)"
748
747
select CRYPTO_SKCIPHER
749
748
select CRYPTO_MANAGER
750
749
help
751
-
PCBC: Propagating Cipher Block Chaining mode
752
-
This block cipher algorithm is required for RxRPC.
750
+
PCBC (Propagating Cipher Block Chaining) mode
751
+
752
+
This block cipher mode is required for RxRPC.
753
753
754
754
config CRYPTO_XCTR
755
755
tristate
756
756
select CRYPTO_SKCIPHER
757
757
select CRYPTO_MANAGER
758
758
help
759
-
XCTR: XOR Counter mode. This blockcipher mode is a variant of CTR mode
760
-
using XORs and little-endian addition rather than big-endian arithmetic.
759
+
XCTR (XOR Counter) mode for HCTR2
760
+
761
+
This blockcipher mode is a variant of CTR mode using XORs and little-endian
762
+
addition rather than big-endian arithmetic.
763
+
761
764
XCTR mode is used to implement HCTR2.
762
765
763
766
config CRYPTO_XTS
764
-
tristate "XTS support"
767
+
tristate "XTS (XOR Encrypt XOR with ciphertext stealing)"
765
768
select CRYPTO_SKCIPHER
766
769
select CRYPTO_MANAGER
767
770
select CRYPTO_ECB
768
771
help
769
-
XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
770
-
key size 256, 384 or 512 bits. This implementation currently
771
-
can't handle a sectorsize which is not a multiple of 16 bytes.
772
+
XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
773
+
and IEEE 1619)
774
+
775
+
Use with aes-xts-plain, key size 256, 384 or 512 bits. This
776
+
implementation currently can't handle a sectorsize which is not a
777
+
multiple of 16 bytes.
772
778
773
779
config CRYPTO_NHPOLY1305
774
780
tristate
···
814
806
mode (RFC8439)
815
807
816
808
config CRYPTO_CCM
817
-
tristate "CCM (Counter with Cipher Block Chaining-Message Authentication Code)"
809
+
tristate "CCM (Counter with Cipher Block Chaining-MAC)"
818
810
select CRYPTO_CTR
819
811
select CRYPTO_HASH
820
812
select CRYPTO_AEAD
···
824
816
authenticated encryption mode (NIST SP800-38C)
825
817
826
818
config CRYPTO_GCM
827
-
tristate "GCM (Galois/Counter Mode) and GMAC (GCM Message Authentication Code)"
819
+
tristate "GCM (Galois/Counter Mode) and GMAC (GCM MAC)"
828
820
select CRYPTO_CTR
829
821
select CRYPTO_AEAD
830
822
select CRYPTO_GHASH